To configure Workfront Single Sign-On with Azure Active Directory, you need the following items:

An Azure Active Directory subscription

A Workfront subscription enabled for using Single Sign-On integrations

An Azure Active Directory system administrator

A Workfront system administrator

NOTE Workfront is not responsible for setting up and troubleshooting your Azure Active Directory configuration. You must have an in-house system administrator that manages that part of the integration, in addition to a Workfront system administrator.

Adding Workfront from the Azure Gallery

To configure the integration of Workfront SSO with Azure Active Directory, you need to add Workfront from the Azure gallery to your list of managed SaaS apps.

In the Azure Portal, on the left navigation panel, click the Azure Active Directory icon.

Navigate to Enterprise applications. Then go to All applications.

To add a new application, click the New application button on the top of the dialog.

In the search box, type Workfront.

In the results panel, select Workfront, and then click Add button to add the application.

Configuring Azure Active Directory Single Sign-On

In the Azure Portal, on the Workfront application integration page, click Single sign-on.

On the Single sign-on dialog box, select Mode as SAML-based Sign-on to enable Single Sign-On.

In the Workfront Domain and URLs section, specify the following information:- Sign-on URL: your Workfront URL using the following pattern: https://<companyname>.my.workfront.com- Identifier: your Workfront SAML 2.0 URL using the following pattern: https://<companyname>.my.workfront.com/SAML2

In the SAML Signing Certificate section, click Certificate(Base64) and then save the Certificate file on your computer.

Click Save button.

In the Workfront Configuration section, click Configure Workfront to open Configure sign-on window.

Copy the Sign-Out URL and SAML Single Sign-On Service URL from the Quick Reference section.

Configuring Workfront with Azure Active Directory

Log in to Workfront as a system administrator.

Navigate to the Setup area in the Global Navigation Bar.

Expand System, then click Single Sign-On (SSO).

Select SAML 2.0 for the Type field.

Specify the Service Provider ID in the following format:https://<companyname>.my.workfront.com/SAML2

Paste the SAML Single Sign-On Service URL into the Login Portal URL field.

Paste the Single Sign-Out URL into the Sign-Out URL field.

Specify the Change Password URL.

Click Save.

Audited 6/27/2018

This article last updated on 2018-08-13 13:47:39 UTC

Related articles

Thank you for taking the time to provide feedback. We appreciate and value your contribution to our site. Feedback provided here is regularly reviewed by our Product Documentation team. Please ensure your comments are specific to improving this help article. Any questions or requests outside this help article content should be directed to our Community User Forum or by submitting a ticket to customer support.